Package hudson.security.csrf
Class CrumbExclusion
- java.lang.Object
-
- hudson.security.csrf.CrumbExclusion
-
- All Implemented Interfaces:
ExtensionPoint
- Direct Known Subclasses:
ApiCrumbExclusion,CliCrumbExclusion
public abstract class CrumbExclusion extends Object implements ExtensionPoint
Allows plugins to define exceptions to the CSRF protection filter. Please note that Jenkins 2.96 and newer accepts HTTP POST requests without CSRF crumb, if HTTP Basic authentication uses an API token instead of a password, so many use cases (simple API clients that support authentication but not obtaining a crumb) should be obsolete.- Since:
- 1.446
- Author:
- Kohsuke Kawaguchi
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface hudson.ExtensionPoint
ExtensionPoint.LegacyInstancesAreScopedToHudson
-
-
Constructor Summary
Constructors Constructor Description CrumbExclusion()
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description static ExtensionList<CrumbExclusion>all()abstract booleanprocess(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain)This method is called for every incoming POST request.
-
-
-
Method Detail
-
process
public abstract boolean process(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain chain) throws IOException, javax.servlet.ServletExceptionThis method is called for every incoming POST request.- Returns:
- true to indicate that the callee had processed this request (for example by reporting an error, or by executing the rest of the chain.)
- Throws:
IOExceptionjavax.servlet.ServletException
-
all
public static ExtensionList<CrumbExclusion> all()
-
-